The management of data-processing infrastructures plays a key role in several contexts (for example, in large companies). For this purpose, various resource management tools are available for facilitating the management of multiple target computers (or simply targets) from a server computer (or simply server) of the data-processing infrastructure.
Particularly, resource management tools based on the concept of policies have been proposed in the last years—for example, as described in “Policy Framework” at http.//tools.ietf.org/html/draft-ietf-policy-framework-00 or in US-A-US2005/172015 (the entire disclosures of which are herein incorporated by reference). In a resource management tool of this type, a set of policies is defined (each one indicating a condition to be fulfilled by the targets to be compliant with the policy and an action to be executed for remedying their non-compliance); selected policies are then assigned to each target. The corresponding policies are enforced periodically on each target to verify the compliance of the target with them and to remedy any possible non-compliance. This reduces the administrative effort required to manage the targets, since the focus is now shifted from their management at an individual level to the definition of their policies at an aggregate level.
The enforcement of the policies may be implemented with two different approaches. In a server-based approach, the server remotely triggers the evaluation of the corresponding policies on all the targets, collects their results, and remedies any non-compliance of the targets. Conversely, in a target-base approach each target locally evaluates the corresponding policies and remedies any non-compliance with them (with the server that simply provides the policies to the targets and collects information about their compliance).
Moreover, US-A-2004/0049500 (the entire disclosure of which is herein incorporated by reference) discloses a resource management system, wherein an authority publishes rules defining target configurations of corresponding categories of subjects. Each subject provides its category to an associated helper; the helper retrieves the rules corresponding to the category of the subject, and applies these rules on it. US-A-2006/0020801 (the entire disclosure of which is herein incorporated by reference) instead discloses a self-adaptive management system, wherein an authority publishes rules defining target configurations of corresponding categories of subjects, and a supervisor publishes a current stage of a workflow of application of the rules. Each subject retrieves and applies the rules of its category corresponding to the current stage, and then publishes information about its compliance with them; once all the subjects are compliant with their rules, the supervisor updates the current stage accordingly.
The resource management tools implementing the target-based approach are the most widely used, since they allow distributing the workload throughout the targets; in this way, it is possible to reduce any bottleneck in the server, so as to obtain a very high scalability.
However, the target-based approach may be difficult (if not impossible) to apply in specific situations. Particularly, this problem may arise when the remediation of the targets should be controlled centrally—for example, for maintaining software products at correct maintenance levels. Moreover, the same problem may arise when the remediation of the targets involves interactions with external data-processing systems, where direct access by the targets may be not suitable (e.g., because of security issues) or even not feasible at all (e.g., because of technical issues)—for example, for controlling license entitlements of software products. The problem may also arise when the remediation of the targets requires the orchestration of complex activities—for example, for migrating operating systems. In other cases, it may also be preferable to concentrate some activities on the server—for example, for notifying end-users via e-mails.